How it works


decrypt.lu opens files encrypted with encrypt.lu. You can paste a shared link or drop an .enc file. Decryption happens only in your browser — we never see your password or decrypted data.


Step 1

How do you have the encrypted content?

Either you have a link the sender shared with you, or you have the .enc file on your device.


Step 2

Enter password or key

Use the password or random key the sender gave you. We derive the decryption key in your browser; we never see or store it.


Step 3

Decrypt in your browser

Decryption runs entirely in your browser. If you used a shared link, the server only sends the encrypted blob; it never has your password or plaintext.


Step 4

Result

You can save or open your decrypted files. We never store your password or decrypted data.


Client-side only

Decryption and key derivation run entirely in your browser. If you use a shared link, the server only sends the encrypted blob; it never has your password or plaintext.

How the link works: The decryption key is in the URL fragment (the part after #). The fragment never goes to the server—only your browser receives it—so the server never sees the key. If the sender protected the link with a password, the key is wrapped in that password: you need the password to unwrap the key and decrypt the file.
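The fragment behaviour described above, as an added example (not decrypt.lu's own code): it builds the request a browser would send for a share link, checks that the key is absent from it, and decodes the key on the client. The link layout, the base64url key encoding, the share.example host and all function names are assumptions.

```javascript
// Added example; link layout, key encoding and all names are assumptions.
const KEY_BYTES = 32; // 256-bit key, as stated on the page

// The HTTP request a browser builds for a link: path and query only.
// The fragment is dropped before the request is assembled.
function requestFor(link) {
  const u = new URL(link);
  return `GET ${u.pathname}${u.search} HTTP/1.1\r\nHost: ${u.host}\r\n\r\n`;
}

// What stays in the browser: the fragment without its leading '#'.
function fragmentOf(link) {
  return new URL(link).hash.slice(1);
}

// Decode a base64url key from the fragment and enforce its length,
// so a truncated or mistyped link fails before any decryption attempt.
function keyFromFragment(fragment) {
  if (!/^[A-Za-z0-9_-]+$/.test(fragment)) {
    throw new Error('fragment is not base64url');
  }
  const b64 = fragment.replace(/-/g, '+').replace(/_/g, '/');
  const key = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  if (key.length !== KEY_BYTES) {
    throw new Error(`expected ${KEY_BYTES}-byte key, got ${key.length}`);
  }
  return key;
}

function toBase64Url(bytes) {
  return btoa(String.fromCharCode(...bytes))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Constructed sample: bytes 0..31 stand in for a random key.
const encoded = toBase64Url(Uint8Array.from({ length: KEY_BYTES }, (_, i) => i));
const fragmentLink = `https://share.example/d/abc123#${encoded}`;
// Contrast: the same key in the query string is part of the request.
const queryLink = `https://share.example/d/abc123?k=${encoded}`;

function serverSeesKey(link) {
  return requestFor(link).includes(encoded);
}

console.log(requestFor(fragmentLink).trim());
console.log('key sent with fragment link:', serverSeesKey(fragmentLink));
console.log('key sent with query link:   ', serverSeesKey(queryLink));
```

The fragment is still kept in browser history and is readable by any script running on the page, so the guarantee covers only what is sent to the server.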


How strong is the encryption?

We use Libsodium, a modern and widely trusted cryptographic library, to protect sensitive data.

For encryption, we use XChaCha20-Poly1305, a high-security authenticated encryption scheme built on the ChaCha20 stream cipher with Poly1305 message authentication. We use 256-bit keys, a size that keeps the ciphertext resistant to known quantum attacks. This construction provides both confidentiality and integrity, ensuring that encrypted data cannot be read, or modified without detection. The extended nonce variant (XChaCha20) further strengthens security by reducing the risk of nonce reuse and enabling safe encryption of large volumes of data.

For key derivation, we use Argon2id, the current industry-recommended, memory-hard password hashing and key derivation function. Argon2id is designed to resist brute-force and hardware-accelerated attacks, making it well suited for protecting passwords and deriving encryption keys from user secrets.

Libsodium is actively maintained, extensively audited, and built to prevent common cryptographic implementation mistakes. The algorithms we use are modern, widely vetted by the security community, and suitable for protecting highly sensitive data.

Limitations

The relay (or anyone holding the .enc file) still sees ciphertext length and transfer timing. Metadata (original filename, exact file size, and chunk size) is encrypted, and metadata-frame padding hides filename length. File size remains visible, but only to chunk-level precision, because the last data chunk is zero-padded before encryption.